Zero Trust Access Control with Context-Aware and Behavior-Based Continuous Authentication for Smart Homes

Silva, Giovanni R. da; Macedo, Daniel F.; Santos, Aldri

doi:10.5753/sbseg.2021.17305

Cited by 7 publications

(2 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In 2021, da Silva et al [39] proposed zero trust access control with context awareness and behavior-based continuous authentication for smart homes. A zero-aware smart home system is proposed to provide access control to the smart home system using zero trust continuous identity authentication to continuously verify the authenticity of the user, powered by edge computing to eliminate unreliable service providers and access from any means.…”

Section: Wireless Communications and Mobile Computingmentioning

confidence: 99%

A Survey on Zero Trust Architecture: Challenges and Future Trends

Huang

Chen

et al. 2022

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

The traditional perimeter-based network protection model cannot adapt to the development of current technology. Zero trust is a new type of network security model, which is based on the concept of never trust and always verify. Whether the access subject is in the internal network or the external network, it needs to be authenticated to access resources. The zero trust model has received extensive attention in research and practice because it can meet the new network security requirements. However, the application of zero trust is still in its infancy, and enterprises, organizations, and individuals are not fully aware of the advantages and disadvantages of zero trust, which greatly hinders the application of zero trust. This paper introduces the existing zero trust architecture and analyzes the core technologies including identity authentication, access control, and trust assessment, which are mainly relied on in the zero trust architecture. The main solutions under each technology are compared and analyzed to summarize the advantages and disadvantages, as well as the current challenges and future research trends. Our goal is to provide support for the research and application of future zero trust architectures.

show abstract

Section: Wireless Communications and Mobile Computingmentioning

confidence: 99%

A Survey on Zero Trust Architecture: Challenges and Future Trends

Huang

Chen

et al. 2022

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

show abstract

“…Nonetheless, it does not support passive access control and role hierarchy. Silva et al [15] presented zero trust access control with context-aware and behavior-based continuous authentication. However, the impact of latency and concurrency remains untested, and the accuracy cannot be guaranteed.…”

Section: Introductionmentioning

confidence: 99%

Master-slave Multi-chain with Risk Assessment based Access Control Model for Zero Trust Network

Shao,

Gu,

Yang

et al. 2024

Preprint

View full text Add to dashboard Cite

Zero trust aims to enable users in untrusted network areas to access trusted areas through authentication and policy control. When entering a zero trust network, no entity is inherently trusted, and resources are subject to continuous and dynamic evaluation during access. However, challenges such as dynamic access control decisions, multi-domain polymorphic access subjects, and continuous assessment of access behavior highlight the limitations of conventional zero trust networks in meeting evolving user demands for network security. In response to these challenges, we propose the master-slave multi-chain with risk assessment based access control (MMR-AC) model for zero trust network. This model introduces a unified identity management strategy through the design of access control contracts, facilitating seamless cross-domain access between different identity management systems. Additionally, the model leverages a master-slave multi-chain architecture to establish an Attribute-Based Access Control (ABAC) mechanism. To achieve continuous assessment of the access subject, the model utilizes the historical access records of the access subject as training data. Furthermore, it introduces an access risk assessment method using LightGBM. Experimental results with the proposed MMR-AC model demonstrate its capability to achieve a continuous and accurate assessment of user access risks.

show abstract

Toward zero trust in 5G industrial internet collaboration systems

Zhang,

Chen

2024

Digital Communications and Networks

View full text Add to dashboard Cite

Zero Trust Access Control with Context-Aware and Behavior-Based Continuous Authentication for Smart Homes

Cited by 7 publications

References 15 publications

A Survey on Zero Trust Architecture: Challenges and Future Trends

A Survey on Zero Trust Architecture: Challenges and Future Trends

Master-slave Multi-chain with Risk Assessment based Access Control Model for Zero Trust Network

Toward zero trust in 5G industrial internet collaboration systems

Contact Info

Product

Resources

About